Machine Synopsis

`MonitorsThree` is a Medium Difficulty Linux machine that features a website for a company offering networking solutions. The website has a forgotten password page vulnerable to `SQL injection`, which is leveraged to gain access to credentials. Further enumeration of the website reveals a subdomain featuring a `Cacti` instance that can be accessed with the credentials obtained from the `SQL injection`. The `Cacti` instance is vulnerable to `[CVE-2024-25641](https://nvd.nist.gov/vuln/detail/CVE-2024-25641)`, which is leveraged to gain a foothold on the system. Further enumeration of the system reveals credentials used to access the database, where hashes are found and cracked to obtain the user password. This is then used to gain access to `SSH` private keys, leading to `SSH` access to the system. Enumeration of open ports on the system reveals a vulnerable `Duplicati`instance, which is leveraged to gain a shell as root.